Monday, March 6, 2017

A year ago today...

Governments from most of the countries around the world are concerned more and more everyday about cybersecurity.Some governments even create specific systems to improve in cybersecurity, and this helps the companies in the sense of being less 'alone in the face of danger'. Having almost daily attacks on ministries of defense in countries such as Singapore make the existence of a specific institution a priority for the security of state data.

Like every Monday, today we look back and analyze what happened a year ago, when we knew about the chatty ransomware. Trend Micro warned of the existence of a ransomware, called CERBER, it "spoke" to its victims through an audio file that read: Beware! "Your documents, photos, databases and other important files have been encrypted" All of them in English, of course, but it had the option, if the victims used Tor, to go to a page where they were told the same in many languages ​​so that everyone could understand the message. How important it is to know languages, and more when there is a lot of money at stake ...

Great mafias or small cibercacos, to prevent that they attack us we must consider simple advice. Some so simple that it seems weird to have to repeat them: use secure passwords. that's what they say "MIT Technology Review" a year ago, where it discovered a new line of investigation on the passwords. In those moments and now, we have all realized the uselessness of the current system of passwords and we are attending a race to see who discovers the new winning formula. We have seen many proposals like "authentication of free gestures" or, what is the same, draw strokes with the fingers, but we did not catch the attention last month the news that the heartbeat can get to unlock files and computers.

And as there is no greater defense than a good attack, the US launched the news of the competition "Hack the Pentagon". In return for a reward for whoever got it, The Pentagon invited security experts of American nationality to try to break their defenses. It was the first time, as far as we know, that a government proposed such challenges. Until now, the pentestings in the Pentagon were made only by the so-called "red teams". Nowadays it may not be such a difficult thing to do, especially considering that the vice president uses his personal email for state affairs. Fortunately, the issue of passwords is investigating and putting more obstacles to cybercrime, giving more peace of mind to end users.

Looking at the summary of the news from a year ago and making a comparison with today, we ask ourselves the question of whether things have changed or are practically the same. When the main power in the world has its cybersecurity one day, another day too, asking this question is almost normal. No matter how nice the way a ransomware has to warn you, it is difficult to remove iron according to what matters.